← Back

Opensuse

opensuse

3,271 CVEs • 50 products

Products (50)

Click to collapse
Toggle
Leap
leap
1,898 CVEs
Opensuse
opensuse
1,454 CVEs
Backports Sle
backports_sle
326 CVEs
Backports
backports
97 CVEs
Evergreen
evergreen
43 CVEs
Open Build Service
open_build_service
22 CVEs
Libsolv
libsolv
13 CVEs
Factory
factory
10 CVEs
Supportutils
supportutils
6 CVEs
Libzypp
libzypp
5 CVEs
Tumbleweed
tumbleweed
4 CVEs
Zypper
zypper
3 CVEs
Openldap2
openldap2
3 CVEs
Osc
osc
2 CVEs
Suse Linux Enterprise Server
suse_linux_enterprise_server
2 CVEs
Cryptctl
cryptctl
2 CVEs
Munge
munge
2 CVEs
Wicked
wicked
2 CVEs
Pcp
pcp
2 CVEs
Texlive Filesystem
texlive-filesystem
2 CVEs
Rmt Server
rmt-server
2 CVEs
Cscreen
cscreen
2 CVEs
Libeconf
libeconf
2 CVEs
Openstack Cloud
openstack_cloud
1 CVE
Libstorage
libstorage
1 CVE
Libstorage Ng
libstorage-ng
1 CVE
Obs Service Source Validator
obs-service-source_validator
1 CVE
Open Buildservice
open_buildservice
1 CVE
Sysconfig
sysconfig
1 CVE
Tar Scm
tar_scm
1 CVE
Package Hub
package_hub
1 CVE
Yast2 Multipath
yast2-multipath
1 CVE
Yast2 Samba Provision
yast2-samba-provision
1 CVE
Yast2 Printer
yast2-printer
1 CVE
Munin
munin
1 CVE
Suse Package Hub
suse_package_hub
1 CVE
Autoyast2
autoyast2
1 CVE
Hylafax+
hylafax+
1 CVE
Tumbleweed Kopano Spamd
tumbleweed_kopano-spamd
1 CVE
Cyrus Sasl
cyrus-sasl
1 CVE
Python Postorius
python-postorius
1 CVE
Inn
inn
1 CVE
Factory Watchman
factory_watchman
1 CVE
Canna
canna
1 CVE
Leap Micro
leap_micro
1 CVE
Travel Support Program
travel_support_program
1 CVE
Libzypp Plugin Appdata
libzypp-plugin-appdata
1 CVE
Paste
paste
1 CVE
Welcome
welcome
1 CVE
Mirrorcache
mirrorcache
1 CVE

CVEs (3,271)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-14814
6Canonical
DebianLinux+3 more
34A220 Firmware
A320 FirmwareA700s Firmware+31 more
Nov 21, 2024
Sep 20, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly exec...Show more
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.Show less
CVE-2019-14821
8Canonical
DebianFedoraproject+5 more
28Aff A700s Firmware
Data Availability ServicesDebian Linux+25 more
Nov 21, 2024
Sep 19, 2019
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kv...Show more
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.Show less
CVE-2019-11779
5Canonical
DebianEclipse+2 more
6Backports Sle
Debian LinuxFedora+3 more
Nov 21, 2024
Sep 19, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then...Show more
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.Show less
CVE-2019-14835
8Canonical
DebianFedoraproject+5 more
34Aff A700s Firmware
Data Availability ServicesDebian Linux+31 more
Nov 21, 2024
Sep 17, 2019
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged gu...Show more
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.Show less
CVE-2019-16239
5Canonical
DebianFedoraproject+2 more
5Debian Linux
FedoraLeap+2 more
Nov 21, 2024
Sep 17, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
CVE-2019-5482
6Debian
FedoraprojectHaxx+3 more
17Cloud Backup
Communications Operations MonitorCommunications Session Border Controller+14 more
Apr 15, 2026
Sep 16, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
CVE-2019-5481
6Debian
FedoraprojectHaxx+3 more
12Cloud Backup
Communications Operations MonitorCommunications Session Border Controller+9 more
Apr 16, 2026
Sep 16, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
CVE-2019-16319
3Debian
OpensuseWireshark
3Debian Linux
LeapWireshark
Nov 21, 2024
Sep 15, 2019
N/A· v4
7.5 HIGH· v3
7.8 HIGH· v2
In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking for a message length of zero.
CVE-2019-15031
4Canonical
LinuxOpensuse+1 more
4Enterprise Linux
LeapLinux Kernel+1 more
Nov 21, 2024
Sep 13, 2019
N/A· v4
4.4 MEDIUM· v3
3.6 LOW· v2
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardw...Show more
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.Show less
CVE-2019-15030
4Canonical
LinuxOpensuse+1 more
4Enterprise Linux
LeapLinux Kernel+1 more
Nov 21, 2024
Sep 13, 2019
N/A· v4
4.4 MEDIUM· v3
3.6 LOW· v2
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transa...Show more
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.Show less
CVE-2019-16234
3Canonical
LinuxOpensuse
3Leap
Linux KernelUbuntu Linux
Nov 21, 2024
Sep 11, 2019
N/A· v4
4.7 MEDIUM· v3
4.7 MEDIUM· v2
drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
CVE-2019-16233
4Canonical
LinuxOpensuse+1 more
4Enterprise Linux
LeapLinux Kernel+1 more
Nov 21, 2024
Sep 11, 2019
N/A· v4
4.1 MEDIUM· v3
4.7 MEDIUM· v2
drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
CVE-2019-16232
4Canonical
FedoraprojectLinux+1 more
4Fedora
LeapLinux Kernel+1 more
Nov 21, 2024
Sep 11, 2019
N/A· v4
4.1 MEDIUM· v3
4.7 MEDIUM· v2
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
CVE-2019-16231
4Canonical
LinuxOpensuse+1 more
4Enterprise Linux
LeapLinux Kernel+1 more
Nov 21, 2024
Sep 11, 2019
N/A· v4
4.1 MEDIUM· v3
4.7 MEDIUM· v2
drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
CVE-2019-16167
5Canonical
DebianFedoraproject+2 more
5Debian Linux
FedoraLeap+2 more
Nov 21, 2024
Sep 9, 2019
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
CVE-2019-16159
4Debian
FedoraprojectNic+1 more
4Backports Sle
BirdDebian Linux+1 more
Nov 21, 2024
Sep 9, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical...Show more
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed.Show less
CVE-2016-10937
4Debian
FedoraprojectImapfilter Project+1 more
5Backports Sle
Debian LinuxFedora+2 more
Nov 21, 2024
Sep 8, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
CVE-2019-9458
2Google
Opensuse
2Android
Leap
Nov 21, 2024
Sep 6, 2019
N/A· v4
7.0 HIGH· v3
4.4 MEDIUM· v2
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed...Show more
In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2019-9456
2Google
Opensuse
2Android
Leap
Nov 21, 2024
Sep 6, 2019
N/A· v4
6.7 MEDIUM· v3
4.6 MEDIUM· v2
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction...Show more
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2019-9455
2Google
Opensuse
2Android
Leap
Nov 21, 2024
Sep 6, 2019
N/A· v4
2.3 LOW· v3
2.1 LOW· v2
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed...Show more
In the Android kernel in the video driver there is a kernel pointer leak due to a WARN_ON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Show less